Today we are going to do CyberHeroes from tryhackme.
Let's run nmap.
found port 22,80 open.
Let's visit homepage.
found a login page.
Let's run gobuster on port 80
found login.html from both home page and gobuster.
Let's visit login page
tried some common credentials but no luck.
Let's see how this login function works
login function works with javascript and found the user name and reversed password.
Let's reverse password
we found the password.
Let's login with creds we found
bingo we nailed it see you later.